NFS server configuration

To get the home directory mounted, you need to configure an NFS server.
The NFS server is called instructor.example.com in this procedure.
Note: the LDAP server and the NFS server don’t have to be on the same machine; it’s only easier.

Automounter Client configuration

Install the following packages:

# yum install -y autofs nfs-utils

Create a new indirect /etc/auto.guests map and type:

* -rw,nfs4 instructor.example.com:/home/guests/&

Add the following line at the beginning of the /etc/auto.master file:

/home/guests /etc/auto.guests

Start the Automounter daemon and enable it at boot:

# service autofs start && chkconfig autofs on

Test the configuration:

# su - ldapuser02
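
How the wildcard entry in /etc/auto.guests resolves when a user such as ldapuser02 logs in, as an added example that is not part of the original procedure. The function names `resolve_key` and `write_sample_map`, the key character check and the `ldapuser01` map line are assumptions made for illustration; autofs itself is not invoked.

```shell
#!/bin/sh
# Added illustration (not from the original page): resolve a key against an
# autofs indirect map using the "*" and "&" rules described in autofs(5).
# Simplified: one entry per line, one location, no continuations or includes.

resolve_key() {
    map_file=$1
    key=$2
    # Assumption of this example: keys are plain account names, so a key
    # containing "/", "&" or other special characters is refused.
    case $key in
        ''|*[!A-Za-z0-9._-]*) return 2 ;;
    esac
    awk -v key="$key" '
        /^[ \t]*#/ || NF == 0 { next }          # comments and blank lines
        {
            opts = ""; loc = $2
            if ($2 ~ /^-/) { opts = $2 " "; loc = $3 }   # optional -options
            if ($1 == key && !have_exact) { ex_o = opts; ex_l = loc; have_exact = 1 }
            if ($1 == "*" && !have_wild)  { wi_o = opts; wi_l = loc; have_wild = 1 }
        }
        END {
            if (have_exact)     { o = ex_o; l = ex_l }   # exact key wins
            else if (have_wild) { o = wi_o; l = wi_l }   # otherwise the * entry
            else exit 1                                  # no entry, no mount
            gsub(/&/, key, l)                            # & becomes the key
            print o l
        }
    ' "$map_file"
}

# Constructed sample map: the wildcard line is the one from the procedure;
# the ldapuser01 line is made up to show an exact key taking precedence.
write_sample_map() {
    cat > "$1" <<'EOF'
# sample /etc/auto.guests
ldapuser01  -ro,nfs4  instructor.example.com:/home/guests/ldapuser01
*  -rw,nfs4  instructor.example.com:/home/guests/&
EOF
}

map=$(mktemp)
write_sample_map "$map"
for user in ldapuser01 ldapuser02 '../etc'; do
    printf '%s -> %s\n' "$user" "$(resolve_key "$map" "$user" || echo refused)"
done
rm -f "$map"
```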

8 Comments on "LDAP: Configure a system to use an existing LDAP directory service for user and group information."

First, congratulations on your success!
Then, concerning the LDAP configuration, there shouldn’t be any requirement to open ports on the LDAP client side as all the flows aren’t coming in but out.
Would it be possible that there were any restrictions at the /etc/hosts.deny level or somewhere else? I sincerely don’t know.

2 years ago

Member

Abdelrahman

Hi,
Good day,

Thank you for your effort.
I just have a question: what do you mean by this part, “Note: Don’t use TLS if you specify ldaps”? Do you mean that I shouldn’t check the “[ ] Use TLS” if I specify the ldap server in the following field “ldap://instructor.example.com”?

According to my tests (done more than one year ago), you have to make some choices:
– check the Use TLS box and specify the ldap://instructor.example.com url,
– or leave the Use TLS box unchecked and use the ldaps://instructor.example.com url.
But you can’t mix the options or it won’t work!

2 years ago

Member

bos1234

On this line: * -rw,nfs4 instructor.example.com:/home/guests/&

what does the ampersand signify?

1 year ago

Member

Gjorgi

Ampersand means “mount point will bear the same name as the remote mount.” The asterisk will be named after whatever the ampersand is named.
If shared resource /resource is mounted on a subdirectory of /mnt of the local host, that subdirectory will be named “resource”.

I’m just cutting and pasting the man 5 autofs pages:

Wildcard Key
A map key of * denotes a wild-card entry. This entry is consulted if the specified key does not exist in the map. A typical wild-card entry looks like this:

* server:/export/home/&

The special character ‘&’ will be replaced by the provided key. So, in the example above, a lookup for the key ‘foo’ would yield a mount of server:/export/home/foo.

The & repeats what the * represented.